Network based services or transactions, such as those provisioned over the Internet, typically involve multiple interactions between entities, such as a sender and recipient or a user and a service provider, to request or otherwise establish a connection therebetween and implement the service or complete the transaction. Even the mere access of a web site involves a complex suite of interactions between a web browser program and a web server. Such transactions may be for legitimate purposes or they may be for fraudulent or illicit purposes. While the overall transaction being attempted may be one that is fraudulent or otherwise illicit, these interactions, including requests and responses thereto, taken alone may seem innocuous. In particular, one may not even be able to detect that a given transaction is illegitimate until multiple interactions have taken place, the intent then being discernable from the aggregate interactions.
For example, VoIP requires a complex set of interactions between callers, service providers and recipients to set up and implement voice communications therebetween. The use of SIP based VoIP for internet protocol (“IP”) telephony services may be increasing in popularity. The increased popularity of SIP based services may be exposing potential vulnerabilities in SIP based VoIP. SIP based VoIP may be particularly susceptible to signal based fraud and denial of service attacks. SIP based VoIP may have inherited the potential for fraud associated with both standard telephony and IP data services. In addition VoIP may be associated with new characteristics which may require protections beyond those available for standard telephony and IP data services. Unfortunately, distinguishing legitimate from fraudulent use of VoIP is difficult as, for example, the initial interactions necessary to establish connections may look identical for both legitimate and fraudulent use with the nature of the use being discernable only after the use has substantially begun or ended.